Diffstat (limited to 'pkg')
-rw-r--r--pkg/report/akaros.go4
-rw-r--r--pkg/report/freebsd.go4
-rw-r--r--pkg/report/fuchsia.go17
-rw-r--r--pkg/report/gvisor.go26
-rw-r--r--pkg/report/linux.go4
-rw-r--r--pkg/report/netbsd.go4
-rw-r--r--pkg/report/openbsd.go4
-rw-r--r--pkg/report/report.go16
-rw-r--r--pkg/report/report_test.go42
-rw-r--r--pkg/report/testdata/all/report/019
-rw-r--r--pkg/report/testdata/all/report/125
-rw-r--r--pkg/report/testdata/all/report/222
-rw-r--r--pkg/report/testdata/all/report/317
-rw-r--r--pkg/report/testdata/all/report/422
14 files changed, 163 insertions, 63 deletions
diff --git a/pkg/report/akaros.go b/pkg/report/akaros.go
index 83f3cf3f4..8a328fce9 100644
--- a/pkg/report/akaros.go
+++ b/pkg/report/akaros.go
@@ -133,7 +133,7 @@ var akarosStackParams = &stackParams{
},
}
-var akarosOopses = []*oops{
+var akarosOopses = append([]*oops{
{
[]byte("kernel panic"),
[]oopsFormat{
@@ -188,4 +188,4 @@ var akarosOopses = []*oops{
},
[]*regexp.Regexp{},
},
-}
+}, commonOopses...)
diff --git a/pkg/report/freebsd.go b/pkg/report/freebsd.go
index c5ced44d8..38716df45 100644
--- a/pkg/report/freebsd.go
+++ b/pkg/report/freebsd.go
@@ -73,7 +73,7 @@ func (ctx *freebsd) Symbolize(rep *Report) error {
var freebsdStackParams = &stackParams{}
-var freebsdOopses = []*oops{
+var freebsdOopses = append([]*oops{
{
[]byte("Fatal trap"),
[]oopsFormat{
@@ -123,4 +123,4 @@ var freebsdOopses = []*oops{
},
[]*regexp.Regexp{},
},
-}
+}, commonOopses...)
diff --git a/pkg/report/fuchsia.go b/pkg/report/fuchsia.go
index 25facf658..df64055e4 100644
--- a/pkg/report/fuchsia.go
+++ b/pkg/report/fuchsia.go
@@ -185,7 +185,7 @@ var zirconStackParams = &stackParams{
},
}
-var zirconOopses = []*oops{
+var zirconOopses = append([]*oops{
{
[]byte("ZIRCON KERNEL PANIC"),
[]oopsFormat{
@@ -316,17 +316,4 @@ var zirconOopses = []*oops{
compile("<== fatal exception: process .+?syz.+?\\["),
},
},
- {
- // Panics in Go services.
- []byte("panic: "),
- []oopsFormat{
- {
- title: compile("panic: .*"),
- report: compile("panic: (.*)(?:.*\\n)+?.* goroutine"),
- fmt: "panic: %[1]v",
- noStackTrace: true,
- },
- },
- []*regexp.Regexp{},
- },
-}
+}, commonOopses...)
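Review bot: The removed Go-panic entry constrained its match with `report: compile("panic: (.*)(?:.*\\n)+?.* goroutine")`, but the shared `commonOopses` entry that replaces it (report.go) has only `title: compile("panic:(.*)")`, so the goroutine-trace requirement is gone for Fuchsia. If `report` works the way its name suggests, a console line that merely contains `panic:` with no Go trace after it would now be reported as a crash; either carry the `report:` pattern over into the common entry or state in the commit message that the loosening is intended. The second gvisor.go hunk has the same gap: it drops the `runtime error:` entry without a counterpart in `commonOopses`, so a `runtime error:` line that lacks a `panic:` prefix would no longer match. `zirconOopses` begins outside this hunk.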
diff --git a/pkg/report/gvisor.go b/pkg/report/gvisor.go
index 958e98975..ebe790e78 100644
--- a/pkg/report/gvisor.go
+++ b/pkg/report/gvisor.go
@@ -95,18 +95,7 @@ var gvisorTitleReplacement = []replacement{
},
}
-var gvisorOopses = []*oops{
- {
- []byte("panic:"),
- []oopsFormat{
- {
- title: compile("panic:(.*)"),
- fmt: "panic:%[1]v",
- noStackTrace: true,
- },
- },
- []*regexp.Regexp{},
- },
+var gvisorOopses = append([]*oops{
{
[]byte("Panic:"),
[]oopsFormat{
@@ -130,17 +119,6 @@ var gvisorOopses = []*oops{
[]*regexp.Regexp{},
},
{
- []byte("runtime error:"),
- []oopsFormat{
- {
- title: compile("runtime error:(.*)"),
- fmt: "runtime error:%[1]v",
- noStackTrace: true,
- },
- },
- []*regexp.Regexp{},
- },
- {
[]byte("SIGSEGV:"),
[]oopsFormat{
{
@@ -197,4 +175,4 @@ var gvisorOopses = []*oops{
},
[]*regexp.Regexp{},
},
-}
+}, commonOopses...)
diff --git a/pkg/report/linux.go b/pkg/report/linux.go
index 5a7bb79d1..f57011fed 100644
--- a/pkg/report/linux.go
+++ b/pkg/report/linux.go
@@ -853,7 +853,7 @@ func warningStackFmt(skip ...string) *stackFmt {
}
}
-var linuxOopses = []*oops{
+var linuxOopses = append([]*oops{
{
[]byte("BUG:"),
[]oopsFormat{
@@ -1584,4 +1584,4 @@ var linuxOopses = []*oops{
},
[]*regexp.Regexp{},
},
-}
+}, commonOopses...)
diff --git a/pkg/report/netbsd.go b/pkg/report/netbsd.go
index 45c7c2717..5ebdc7524 100644
--- a/pkg/report/netbsd.go
+++ b/pkg/report/netbsd.go
@@ -145,7 +145,7 @@ func (ctx *netbsd) symbolizeLine(symbFunc func(bin string, pc uint64) ([]symboli
}
// nolint: lll
-var netbsdOopses = []*oops{
+var netbsdOopses = append([]*oops{
{
[]byte("fault in supervisor mode"),
[]oopsFormat{
@@ -188,4 +188,4 @@ var netbsdOopses = []*oops{
},
[]*regexp.Regexp{},
},
-}
+}, commonOopses...)
diff --git a/pkg/report/openbsd.go b/pkg/report/openbsd.go
index 7757afe3d..5d1821b14 100644
--- a/pkg/report/openbsd.go
+++ b/pkg/report/openbsd.go
@@ -136,7 +136,7 @@ func (ctx *openbsd) symbolizeLine(symbFunc func(bin string, pc uint64) ([]symbol
return symbolized
}
-var openbsdOopses = []*oops{
+var openbsdOopses = append([]*oops{
{
[]byte("cleaned vnode"),
[]oopsFormat{
@@ -235,4 +235,4 @@ var openbsdOopses = []*oops{
compile("reorder_kernel"),
},
},
-}
+}, commonOopses...)
diff --git a/pkg/report/report.go b/pkg/report/report.go
index a434b3313..4528a0404 100644
--- a/pkg/report/report.go
+++ b/pkg/report/report.go
@@ -593,3 +593,19 @@ var (
filenameRe = regexp.MustCompile(`[a-zA-Z0-9_\-\./]*[a-zA-Z0-9_\-]+\.(c|h):[0-9]+`)
reportFrameRe = regexp.MustCompile(`.* in ([a-zA-Z0-9_]+)`)
)
+
+// These are produced by syzkaller itself.
+// But also catches crashes in Go programs in gvisor/fuchsia.
+var commonOopses = []*oops{
+ {
+ []byte("panic:"),
+ []oopsFormat{
+ {
+ title: compile("panic:(.*)"),
+ fmt: "panic:%[1]v",
+ noStackTrace: true,
+ },
+ },
+ []*regexp.Regexp{},
+ },
+}
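Review bot: The common entry's `title: compile("panic:(.*)")` copies the whole remainder of the line into the title, per-run values included: the fixture testdata/all/report/2 expects `panic: executor 2: failed: event already set (errno 0)`, with the executor index in the title. Unless titles are normalised elsewhere, the same failure seen on different executors would be filed under different titles, which fragments crash deduplication. A dedicated format listed ahead of the generic one, e.g. `title: compile("panic: executor [0-9]+: (.*)")` with `fmt: "panic: executor NUM: %[1]v"`, would keep them together. The doc comment would also read better as `// commonOopses are matched for every OS: Go panics from syzkaller's own binaries and from Go programs in gvisor/fuchsia.`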
diff --git a/pkg/report/report_test.go b/pkg/report/report_test.go
index 3c966e751..aebcb45f8 100644
--- a/pkg/report/report_test.go
+++ b/pkg/report/report_test.go
@@ -303,15 +303,9 @@ func testGuiltyFile(t *testing.T, reporter Reporter, fn string) {
}
func forEachFile(t *testing.T, dir string, fn func(t *testing.T, reporter Reporter, fn string)) {
- testFilenameRe := regexp.MustCompile("^[0-9]+$")
for os := range ctors {
- path := filepath.Join("testdata", os, dir)
- if !osutil.IsExist(path) {
- continue
- }
- files, err := ioutil.ReadDir(path)
- if err != nil {
- t.Fatal(err)
+ if os == "windows" {
+ continue // not implemented
}
cfg := &mgrconfig.Config{
TargetOS: os,
@@ -321,15 +315,35 @@ func forEachFile(t *testing.T, dir string, fn func(t *testing.T, reporter Report
if err != nil {
t.Fatal(err)
}
- for _, file := range files {
- if !testFilenameRe.MatchString(file.Name()) {
- continue
- }
- t.Run(fmt.Sprintf("%v/%v", os, file.Name()), func(t *testing.T) {
- fn(t, reporter, filepath.Join(path, file.Name()))
+ for _, file := range readDir(t, filepath.Join("testdata", os, dir)) {
+ t.Run(fmt.Sprintf("%v/%v", os, filepath.Base(file)), func(t *testing.T) {
+ fn(t, reporter, file)
})
}
+ for _, file := range readDir(t, filepath.Join("testdata", "all", dir)) {
+ t.Run(fmt.Sprintf("%v/all/%v", os, filepath.Base(file)), func(t *testing.T) {
+ fn(t, reporter, file)
+ })
+ }
+ }
+}
+
+func readDir(t *testing.T, dir string) (files []string) {
+ if !osutil.IsExist(dir) {
+ return nil
+ }
+ entries, err := ioutil.ReadDir(dir)
+ if err != nil {
+ t.Fatal(err)
+ }
+ testFilenameRe := regexp.MustCompile("^[0-9]+$")
+ for _, ent := range entries {
+ if !testFilenameRe.MatchString(ent.Name()) {
+ continue
+ }
+ files = append(files, filepath.Join(dir, ent.Name()))
}
+ return
}
func TestReplace(t *testing.T) {
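Review bot: `readDir` is a test helper that can call `t.Fatal` but never calls `t.Helper()`, so a failure is attributed to the line inside the helper instead of the `forEachFile` call that passed the directory; add `t.Helper()` as its first statement. It also recompiles `^[0-9]+$` on every call (twice per OS now that `testdata/all` is read as well); a package-level `var testFilenameRe = regexp.MustCompile("^[0-9]+$")` avoids that. The named result with a bare `return` is easier to follow as `var files []string` and `return files`.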
diff --git a/pkg/report/testdata/all/report/0 b/pkg/report/testdata/all/report/0
new file mode 100644
index 000000000..4e27256e7
--- /dev/null
+++ b/pkg/report/testdata/all/report/0
@@ -0,0 +1,19 @@
+TITLE: panic: bad arg kind
+
+panic: bad arg kind
+
+goroutine 25 [running]:
+github.com/google/syzkaller/prog.clone(0x0, 0x0, 0xc003ab9e38, 0xc001037040, 0x10)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:75 +0x8b8
+github.com/google/syzkaller/prog.clone(0x97ca80, 0xc001d3f650, 0xc003ab9e38, 0xc00184bf70, 0x30)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:53 +0x17c
+github.com/google/syzkaller/prog.clone(0x97ca80, 0xc001d3f680, 0xc003ab9e38, 0xc003ab9ec8, 0x30)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:53 +0x17c
+github.com/google/syzkaller/prog.clone(0x97cac0, 0xc001d3f6b0, 0xc003ab9e38, 0x97cb00, 0xc0022c7940)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:40 +0x570
+github.com/google/syzkaller/prog.(*Prog).Clone(0xc001d8d100, 0xc002fdb470)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:20 +0x270
+main.(*Proc).loop(0xc002fc86c0)
+ /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:98 +0x3cb
+created by main.main
+ /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:258 +0x111b
diff --git a/pkg/report/testdata/all/report/1 b/pkg/report/testdata/all/report/1
new file mode 100644
index 000000000..914c1bc6b
--- /dev/null
+++ b/pkg/report/testdata/all/report/1
@@ -0,0 +1,25 @@
+TITLE: panic: no result
+
+panic: no result
+
+goroutine 36 [running]:
+github.com/google/syzkaller/prog.(*ResultArg).serialize(0xc005120640, 0xc005177420)
+ /home/ghani/go/src/github.com/google/syzkaller/prog/encoding.go:172 +0x3a7
+github.com/google/syzkaller/prog.(*serializer).arg(0xc005177420, 0x9f5ec0, 0xc005120640)
+ /home/ghani/go/src/github.com/google/syzkaller/prog/encoding.go:80 +0x40
+github.com/google/syzkaller/prog.(*serializer).call(0xc005177420, 0xc005120600)
+ /home/ghani/go/src/github.com/google/syzkaller/prog/encoding.go:70 +0x1d6
+github.com/google/syzkaller/prog.(*Prog).Serialize(0xc0051205c0, 0xc00516fb30, 0x717465, 0xc00516fb38)
+ /home/ghani/go/src/github.com/google/syzkaller/prog/encoding.go:35 +0xc8
+main.(*Proc).logProgram(0xc000101fc0, 0xc0000240e0, 0xc0051205c0)
+ /home/ghani/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:316 +0x59
+main.(*Proc).executeRaw(0xc000101fc0, 0xc0000240e0, 0xc0051205c0, 0x5, 0x0)
+ /home/ghani/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:293 +0xd4
+main.(*Proc).execute(0xc000101fc0, 0xc0000240e0, 0xc0051205c0, 0x0, 0x5, 0x1)
+ /home/ghani/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:259 +0x67
+main.(*Proc).smashInput(0xc000101fc0, 0xc004f79f50)
+ /home/ghani/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:223 +0x1d4
+main.(*Proc).loop(0xc000101fc0)
+ /home/ghani/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:84 +0x12f
+created by main.main
+ /home/ghani/go/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:242 +0x1011
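Review bot: This fixture keeps the reporter's local build paths (`/home/ghani/go/src/...`), which commits a local account name to the repository; testdata/all/report/2 (`/home/jbtheou/`) and testdata/all/report/3 (`/home/thesis/`) do the same. The test presumably depends only on the `TITLE:` header and the `panic:` line, so the path prefix could be rewritten to a neutral one such as the `/syzkaller/gopath/src/...` form already used in fixtures 0 and 4.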
diff --git a/pkg/report/testdata/all/report/2 b/pkg/report/testdata/all/report/2
new file mode 100644
index 000000000..c8aecab31
--- /dev/null
+++ b/pkg/report/testdata/all/report/2
@@ -0,0 +1,22 @@
+TITLE: panic: executor 2: failed: event already set (errno 0)
+
+panic: executor 2: failed: event already set (errno 0)
+child failed (errno 2)
+loop failed (errno 0)
+
+
+goroutine 16 [running]:
+main.(*Proc).executeRaw(0x442002b480, 0x44200cafa0, 0x44280cbee0, 0x4, 0x0, 0x0, 0x0)
+ /home/jbtheou/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:271 +0x39c
+main.(*Proc).execute(0x442002b480, 0x44200cafa0, 0x44280cbee0, 0x0, 0x4, 0x442625ce60, 0x1, 0x2a7260)
+ /home/jbtheou/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:231 +0x40
+main.(*Proc).triageInput.func1(0x44280cbee0, 0x4, 0x1)
+ /home/jbtheou/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:145 +0x88
+github.com/google/syzkaller/prog.Minimize(0x4423334b60, 0x6, 0x200, 0x4424751de8, 0x442b100e10, 0x7)
+ /home/jbtheou/go/src/github.com/google/syzkaller/prog/minimization.go:43 +0x10c
+main.(*Proc).triageInput(0x442002b480, 0x4423531ec0)
+ /home/jbtheou/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:142 +0x658
+main.(*Proc).loop(0x442002b480)
+ /home/jbtheou/go/src/github.com/google/syzkaller/syz-fuzzer/proc.go:72 +0xe4
+created by main.main
+ /home/jbtheou/go/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:294 +0xc90
diff --git a/pkg/report/testdata/all/report/3 b/pkg/report/testdata/all/report/3
new file mode 100644
index 000000000..4def1e43f
--- /dev/null
+++ b/pkg/report/testdata/all/report/3
@@ -0,0 +1,17 @@
+TITLE: panic: first open arg is not a pointer to string const
+
+panic: first open arg is not a pointer to string const
+
+goroutine 1 [running]:
+github.com/google/syzkaller/pkg/host.extractStringConst(0x6858e0, 0xecfde0, 0x0, 0x0, 0xffffffffffffffff)
+ /home/thesis/gopath/src/github.com/google/syzkaller/pkg/host/host_linux.go:167 +0xdc
+github.com/google/syzkaller/pkg/host.isSupportedOpenAt(0xb413e0, 0x7)
+ /home/thesis/gopath/src/github.com/google/syzkaller/pkg/host/host_linux.go:153 +0x3c
+github.com/google/syzkaller/pkg/host.isSupported(0x4421a14000, 0x53eadf, 0x7ffe00, 0xb413e0, 0x4420081f00)
+ /home/thesis/gopath/src/github.com/google/syzkaller/pkg/host/host_linux.go:52 +0x178
+github.com/google/syzkaller/pkg/host.DetectSupportedSyscalls(0x44201d4480, 0x4420081f80, 0xb4df80, 0x442190701e)
+ /home/thesis/gopath/src/github.com/google/syzkaller/pkg/host/host_linux.go:34 +0xd0
+main.buildCallList(0x44201d4480, 0x44218ec000, 0x1904, 0xf)
+ /home/thesis/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:459 +0xbc
+main.main()
+ /home/thesis/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:155 +0x44c
diff --git a/pkg/report/testdata/all/report/4 b/pkg/report/testdata/all/report/4
new file mode 100644
index 000000000..4f2827c1c
--- /dev/null
+++ b/pkg/report/testdata/all/report/4
@@ -0,0 +1,22 @@
+TITLE: panic: runtime error: invalid memory address or nil pointer dereference
+
+panic: runtime error: invalid memory address or nil pointer dereference
+[signal SIGSEGV: segmentation violation code=0x1 addr=0x88 pc=0x7a0381]
+
+goroutine 24 [running]:
+github.com/google/syzkaller/prog.chooseCall.func1(0x9a6240, 0xc00306eb40, 0xc003ac0b60)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:198 +0x51
+github.com/google/syzkaller/prog.foreachArgImpl(0x9a6240, 0xc00306eb40, 0xc003035fc8, 0x0, 0x0, 0x0, 0xc002effd60)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:125 +0xbe
+github.com/google/syzkaller/prog.ForeachArg(0xc003035fc0, 0xc002effd60)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:120 +0x9e
+github.com/google/syzkaller/prog.chooseCall(0xc002fc8080, 0xc003ac9420, 0xc002c616b0, 0xc002effdc0)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:197 +0x10d
+github.com/google/syzkaller/prog.(*mutator).mutateArg(0xc002effec0, 0xa)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:161 +0x67
+github.com/google/syzkaller/prog.(*Prog).Mutate(0xc002fc8080, 0x9a0ac0, 0xc002c0d560, 0x1e, 0xc002e96980, 0xc003022000, 0x1e78, 0x2400)
+ /syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:44 +0x2da
+main.(*Proc).loop(0xc002fe2500)
+ /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:99 +0x434
+created by main.main
+ /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x114c